From de5f0d8ba7156e9579cc52898cbe0b3a25f64aad Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Wed, 28 Jun 2017 14:21:21 -0400
Subject: Replace crash on missing handle in consdiffmgr with nonfatal assert

Attempts to mitigate 22752.
---
 src/or/consdiffmgr.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/or/consdiffmgr.c b/src/or/consdiffmgr.c
index 4036f665f9..638fcd6794 100644
--- a/src/or/consdiffmgr.c
+++ b/src/or/consdiffmgr.c
@@ -325,7 +325,8 @@ cdm_diff_ht_purge(consensus_flavor_t flav,
     if ((*diff)->cdm_diff_status == CDM_DIFF_PRESENT &&
         flav == (*diff)->flavor) {
 
-      if (consensus_cache_entry_handle_get((*diff)->entry) == NULL) {
+      if (BUG((*diff)->entry == NULL) ||
+          consensus_cache_entry_handle_get((*diff)->entry) == NULL) {
         /* the underlying entry has gone away; drop this. */
         next = HT_NEXT_RMV(cdm_diff_ht, &cdm_diff_ht, diff);
         cdm_diff_free(this);
@@ -622,6 +623,9 @@ consdiffmgr_find_diff_from(consensus_cache_entry_t **entry_out,
     return CONSDIFF_IN_PROGRESS;
   }
 
+  if (BUG(ent->entry == NULL)) {
+    return CONSDIFF_NOT_FOUND;
+  }
   *entry_out = consensus_cache_entry_handle_get(ent->entry);
   return (*entry_out) ? CONSDIFF_AVAILABLE : CONSDIFF_NOT_FOUND;
 
-- 
cgit v1.2.3-54-g00ecf